In recent years, CE (consumer electronics) devices have gained widespread acceptance. The CE devices illustratively include audio-visual equipment such as video decks, stereo units and TV sets; household appliances such as rice cookers and refrigerators; and other electronic devices, all incorporating computers that allow users to make use of services via networks.
Diverse service servers exist on the network. The CE devices can utilize the services offered by these servers.
For example, where the CE devices are audio-visual equipment such as video decks, stereo units and TV sets, service servers can transmit content to these devices.
It has been proposed that a toilet bowl equipped with sensors be arranged to constitute a CE device capable of analyzing signals derived from the user's stools in order to check the state of the user's health.
Thus there are varieties of CE devices and there exist numerous service servers offering services to these devices.
Before offering its service, a service server may request that the target CE device be authenticated as a valid destination for the services to be offered.
Each CE device stores a device ID constituting ID information specific to that device and a pass phrase which is secret information for use in device authentication. On the network exists a device authentication server that determines whether a given CE device is valid through the use of these pieces of information.
On receiving a device authentication request from the service server, a CE device requests the device authentication server to authenticate its own identity and transmits the result of the device authentication to the service server.
The service server accesses the device authentication server to check that the result of the device authentication is valid. Thereafter the service server offers its service to the target CE device.
When carrying out a device authentication process, the device authentication server and the CE device generally utilize an asymmetric key scheme involving a public key paired with a secret key for exchanging information.
There has been proposed a user mutual authentication device that performs device authentication using public keys (disclosed as Japanese Patent Laid-open No. 3278612). What follows is an outline of this invention:
Upon an initial connection from a client to a server, the two parties use each other's public key to encrypt and exchange random numbers and public key information for mutual authentication. The two parties agree at this point on the random numbers and public keys to be used for the subsequent communication. The random numbers and public keys used for the initial authentication are stored in storing means of the client and server.
Upon second-time and subsequent connections, the authentication-use random numbers in each other's storing means are encrypted using a public key and exchanged for mutual authentication of each other's identity.
The device authentication scheme using public and secret keys has the disadvantage of causing both the target device and the device authentication server to perform numerous calculations. In particular, the device authentication server is subject to heavy computing loads because it is requested to authenticate a plurality of devices.
If the secret key of the device authentication server leaks out, all devices using public keys corresponding to that secret key could be affected.
It is therefore an object of the present invention to provide a device authentication system and related resources for performing device authentication efficiently using the common key system.
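The three-party flow described above (the service server asks for authentication, the CE device proves itself to the device authentication server, the service server confirms the result), as an added Python example that is not the scheme of the invention itself. It assumes an HMAC-SHA256 challenge-response keyed by the pass phrase and a single-use result token; all class, function and sample names are hypothetical.

```python
import hashlib
import hmac
import secrets


class DeviceAuthServer:
    """Holds each device's pass phrase as a shared (common) key."""

    def __init__(self, registry):
        self._registry = dict(registry)  # device ID -> pass phrase (bytes)
        self._challenges = {}            # device ID -> outstanding nonce
        self._results = {}               # result token -> device ID

    def challenge(self, device_id):
        nonce = secrets.token_bytes(16)  # fresh per attempt, defeats replay
        self._challenges[device_id] = nonce
        return nonce

    def authenticate(self, device_id, response):
        nonce = self._challenges.pop(device_id, None)  # nonce is single-use
        phrase = self._registry.get(device_id)
        if nonce is None or phrase is None:
            return None
        expected = hmac.new(phrase, nonce, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, response):  # constant-time compare
            return None
        token = secrets.token_hex(16)    # the "result of the device authentication"
        self._results[token] = device_id
        return token

    def confirm(self, token, device_id):
        # Called by the service server; a token is accepted exactly once.
        return self._results.pop(token, None) == device_id


class CEDevice:
    def __init__(self, device_id, pass_phrase):
        self.device_id = device_id
        self._pass_phrase = pass_phrase  # never sent over the network

    def request_authentication(self, auth_server):
        nonce = auth_server.challenge(self.device_id)
        proof = hmac.new(self._pass_phrase, nonce, hashlib.sha256).digest()
        return auth_server.authenticate(self.device_id, proof)


def service_server_offers(device, auth_server):
    """Service server side: offer the service only for a confirmed result."""
    token = device.request_authentication(auth_server)
    return token is not None and auth_server.confirm(token, device.device_id)
```

Each authentication costs the server one HMAC computation, and a leaked pass phrase exposes only the device it belongs to.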